“My business won’t be affected by fraud, It’s too small to be a target.”
“We know our customers and it’s always been ok so far.”
“We try to be aware but we know we don’t do enough to protect ourselves, so far we’ve been lucky.”
These are the kind of statements many businesses come up with when I speak to them about the threats of corporate fraud. The truth is that although small businesses often think they’re not, they are in fact extremely vulnerable, as many fraudsters see them as easy or soft targets.
Focusses the mind, doesn’t it. So what do you need to know.
Types of Fraud to look out for
Fraudsters are extremely entrepreneurial! They’re always thinking of new scams and tricks to dupe unsuspecting businesses. The fraudsters’ top modus operandi is abusing payment methods. A recent scam involves an urgent request by ‘senior/top management’ for a money transfer for a sensitive transaction that tries to bypass normal procedures. A second fraudster poses as a lawyer. Review internal procedures about how transactions are requested and approved. Ensure staff stick to procedures and checks at all times, make it clear that even a CEO/MD would never ask staff to flout these. If in doubt check with your finance director, who should not mind being asked!
Here are some other key areas & issues to be wary of…
Many general supplier scams involve abusing the purchasing process. Suppliers (or fake suppliers) use various methods such as fake invoices, advance fee scams, procurement fraud, insolvent trading and phoenix companies which dissolve/reappear as a different company after receiving the goods but without paying, and telemarketing office supply scams that con employees into ordering, and paying for, unwanted overpriced goods.
Employee fraud includes scams such as procurement fraud, expenses fraud, false accounting, payment and receipt fraud and even personnel management such as abuse of sick leave and flexi-working as well as asset and information exploitation where employees use the company for personal gain.
Customer-based scams often use cheque overpayment and reimbursement requests as well as electronic payment and card fraud using stolen cards or cardholder not present tactics. Longer term fraud, where customers establish a trading history before then placing big orders, receiving the goods and disappearing. This type of scam also often targets new online companies, defrauding them in a much shorter timeframe.
Computer software fraud can involve fraudsters pretending to be tech support from big IT companies like Microsoft or Apple. They ask to verify credit card details etc to obtain access to systems. The Microsoft Lottery is also a popular scam – it does not exist.
Today ‘assets’ are as much our online identity as stock and property. The top scams include ID fraud, IP theft, hacking, account takeovers as well as insider fraud where employees (or third parties) abuse their position to steal cash, credit notes, intellectual property and more.
Business directory, marketing and charitable donation scams use innocuous or rejection documents with small print to trick companies into signing up to their services and ‘donations’ – obviously they’re not bona fide.
My top tips to help your business avoid becoming a victim of fraud
- Deny requests to dodge proper process (invoicing, payment, delivery). Always ask for invoices, never pay out because you feel pressurised, always get everything signed off through the proper verification processes.
- Check and (if in doubt) double check email addresses and phone numbers before making transactions. Check for one or two letters difference from a true company email/domain.
- Look for irregular purchasing patterns, lack of interest in products, bulk buying, delivery irregularities. If in doubt, ask questions about the order or request more ID.
- Be suspicious of cheques made for more than the order amount, requesting the difference to be transferred back.
- For online based transactions, set up bank verification systems such as Verified by Visa or MasterCard SecureCode to give added protection.
- Check credit history of trade customers and research their online reputation – or even publicly filed records such as those at their Companies House.
- Be wary of emails with internet hyperlinks to click on. Hover over the link to check the web address, if you have any doubts about that web address, type it into Google (NOT your browser) and you may find it is a fraud.
Want more info? Here are my top 10 useful links.
- Action Fraud is the national fraud and cyber crime reporting centre. It provides useful prevention advice as well as free fraud alerts detailing new scams.
- Get Safe Online provides business advice to safeguard physical and data security.
- The Information Commissioner’s Office offers A practical Guide to Online Security
- The Fraud Advisory Panel provides advice on how to protect your business.
- Chartered Institute of Personnel & Development provides advice on managing (and mitigating) staff fraud.
- Experian provides credit checks as well as advice and updates on their ID and fraud blog
- Financial Fraud Action UK has advice on electronic payments (Cards)
- The Bank of England website offers guidance on counterfeit cash & currency
- The Cheque & Credit Clearing Company provides tips to avoid cheque fraud
- Even more sites and useful information can be found here.
WrightCFO is an outsourced Finance Director consultancy specialising in part-time FD contracts in the SME market. Contact me for a free consultation.